Under attack

Yesterday night, a spammer started to take this blog under heavy attack. For half an hour he posted one comment every two seconds onto a random entry page. Because I want everybody to be able to post freely on this blog and am not using captchas, registering procedures or similar, this resulted in about 5-10 spam comments on nearly all of the about 400 pages of this blog. But not enough, the spam bots are continuing to post their dump comments on this blog at this very moment.
Consequence: This is so frustrating. I now manually deleted about 80% of all the spam again, but finishing this up could still take some time. (If you spot some spam, please let me know.) I temporarily disallowed comments on this blog, modified the submit script of this blog software, locked comments on old entries, added some more filtering, but I am now also thinking about adding a very simple captcha. Something like a third entry box with a question like "2+5=?". This would be a handmade custom captcha (like all of the other modifications to this software too ;) ), and I don't expect any spammer to adjust his spam script especially for my blog. I hope I've some time at the weekend for this.

ten comments, already:

registration == GOOOD
captchas = GREAT
RabidLockerGnome - 26 09 06 - 19:24

Why don’t make the question more fun. Fore example random Irrlicht trivia like
“DirectX 9 device constant?”
a) EDT_DIRECTD9
b) EDT_DIRECTX9
c) EDT_OPENGL
Franta - 26 09 06 - 20:44

cause you cannot generate such questions automaticly ;)
3 + 5 = ? can be generated by a simple script.
answerMaschine - 26 09 06 - 22:18

A constant problem. I use WordPress which requires a user’s first post (no registration, just an email, which is never shown publically) to be manually approved, and from then on they are automatically approved. Askimet deals with first posters that match spam patterns, and it’s very accurate – very few false positives and it automatically blocks an average of 20 spam comments a day on my blog. You probably had a big wave because the software was known to be vulnerable, a big problem.

Captchas don’t solve everything, we still get spammers in our forums even with user email verification AND captchas. These are mostly people hired for a pittance, like gold farmers, to manually set up accounts and spam forums. I hate them all. :(
Steve () (link) - 27 09 06 - 01:49

I for one would not mind answering extra questions – as long as you dont use some cryptic numbers masked by noise, I end up going cross eyed thinking its sirds :)
StuC_OVINE () (link) - 27 09 06 - 09:30

I think that you should delete them all manually one-by-one, and not bother us with boring stuff like that. I mean I demand. Yupp.
Matthias - 27 09 06 - 14:37

I had to do that on my Pivot devblog because of a horrendous amount of comment spam. ive got the search box on the front page and for some reason it defaults of having the text “tralala” in it, so i put the question “What is the default text in the search box on the front page?” as having to be answered before the comment can be posted
The Anaconda - 27 09 06 - 15:16

hey, maybe captchas aren’t necessary anymore, looks like my newly written filter is working well. :)
niko - 27 09 06 - 17:43

What did you put on that filter niko?
bicunisa (link) - 28 09 06 - 07:36

words and urls used in that spam comments.
niko - 29 09 06 - 16:09


Name:  
Remember personal info?
yes
no
Email (optional):
URL (optional):
Enter "layered" (antispam):
Comment:Emoticons / Textile

  ( Register your username / Log in )

Notify: Yes, send me email when someone replies.  

Small print: All html tags except <b> and <i> will be removed from your comment. You can make links by just typing the url or mail-address.
Note: If you type in your email adress above, it will be visible to other visitors, although it will be hidden for bots using javaScript.